diff options
Diffstat (limited to 'app/policies/project_policy.rb')
-rw-r--r-- | app/policies/project_policy.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index ad6155258ab..564215f6e50 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -44,6 +44,9 @@ class ProjectPolicy < BasePolicy desc "Project is public" condition(:public_project, scope: :subject, score: 0) { project.public? } + desc "project is private" + condition(:private_project, scope: :subject, score: 0) { project.private? } + desc "Project is visible to internal users" condition(:internal_access) do project.internal? && !user.external? @@ -55,6 +58,9 @@ class ProjectPolicy < BasePolicy desc "User is a requester of the group" condition(:group_requester, scope: :subject) { project_group_requester? } + desc "User is external" + condition(:external_user) { user.external? } + desc "Project is archived" condition(:archived, scope: :subject, score: 0) { project.archived? } @@ -913,6 +919,8 @@ class ProjectPolicy < BasePolicy prevent :read_project end + rule { ~private_project & guest & external_user }.enable :read_container_image + private def user_is_user? |